factual

Regarding compliance with privacy laws, what is the obligation of Brightstar Care and the franchisee to determine the applicability of Privacy Laws?

Brightstar_Care Franchise · 2025 FDD

Answer from 2025 FDD Document

BrightStar arranges for certain products and services (the "Services") as a franchisor, to Covered Entity as a franchisee, as set forth in the BrightStar Franchising, LLC Agency Franchise Agreement between Covered Entity and BrightStar ("Franchise Agreement").

  • B. The Parties' performance under the Franchise Agreement may or will require Covered Entity to disclose and/or provide to Business Associate private and/or protected health and/or medical information as defined under, and governed by, applicable state law and Individually Identifiable Health Information and/or Electronic Protected Health Information as defined in the Health Insurance Portability and Accountability Act ("HIPAA"), the Health Information Technology for Economic and Clinical Health Act ("HITECH"), and/or regulations promulgated under such laws (state law, HIPAA, and HITECH are hereafter referred to collectively as "Privacy Laws") and may or will require BrightStar to receive, access, review, maintain, retain, modify, record, store, forward, produce, hold, use, create, disclose, and/or destroy such information (the "PHI").
  • C. BrightStar's performance of the Services may give rise to certain legal obligations under Privacy Laws and BrightStar may be considered a "business associate" and franchisee may be a "covered entity" as those terms are defined in 45 C.F.R. § 160.103. This Agreement will not apply to relationships between the parties where BrightStar is not considered a "business associate" as defined in 45 C.F.R. 160.103.

Source: Item 22 — CONTRACTS (FDD pages 117–118)

What This Means (2025 FDD)

According to Brightstar Care's 2025 Franchise Disclosure Document, both Brightstar Franchising, LLC (referred to as "BrightStar" or "Business Associate") and the franchisee (referred to as "Covered Entity") have obligations regarding privacy laws. The Business Associate and Confidentiality Agreement states that the franchisee may disclose and/or provide private and/or protected health and/or medical information to BrightStar, which may require BrightStar to handle such information.

The agreement specifies that Privacy Laws include applicable state law, the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), and regulations promulgated under these laws. BrightStar's performance of services as a franchisor may give rise to legal obligations under Privacy Laws, potentially classifying BrightStar as a "business associate" and the franchisee as a "covered entity" as defined in 45 C.F.R. § 160.103.

However, the agreement clarifies that these terms apply only when BrightStar is considered a "business associate" as defined in the referenced regulation. This means that the applicability of Privacy Laws and the obligations of both parties depend on whether the relationship between BrightStar and the franchisee meets the criteria that trigger business associate status under HIPAA and related regulations. Therefore, both Brightstar Care and the franchisee must determine if the relationship is considered a business associate relationship.

Disclaimer: This information is extracted from the 2025 Franchise Disclosure Document and is provided for research purposes only. It does not constitute legal or financial advice. Consult with a franchise attorney before making any investment decisions.
All Brightstar_Care 2025 FAQs Ask FDD Ninja